public async static Task <IHttpResponse> GetByIdAsync( [QueryParameter(Name = IntegrationIdPropertyName)] IRef <XIntegration> integrationRef, IAuthApplication application, SessionToken security, ContentTypeResponse <XIntegration> onFound, NotFoundResponse onNotFound, UnauthorizedResponse onUnauthorized) { if (!security.accountIdMaybe.HasValue) { return(onUnauthorized()); } var accountId = security.accountIdMaybe.Value; return(await await integrationRef.StorageGetAsync( integration => { return Auth.Method.ById(integration.Method, application, method => { integration.methodName = method.name; return onFound(integration); }, () => onNotFound()); }, () => onNotFound().AsTask())); }
public static async Task <IHttpResponse> GetAsync( [QueryParameter(Name = SessionIdPropertyName, CheckFileName = true)] IRef <Session> sessionRef, EastFive.Api.SessionTokenMaybe security, IAuthApplication application, ContentTypeResponse <Session> onFound, NotFoundResponse onNotFound, UnauthorizedResponse onUnauthorized, ConfigurationFailureResponse onConfigurationFailure) { if (!IsAnonSessionAllowed()) { if (security.sessionId != sessionRef.id) { return(onUnauthorized()); } } return(await await sessionRef.StorageGetAsync( (session) => { return Web.Configuration.Settings.GetUri( EastFive.Security.AppSettings.TokenScope, scope => { return Web.Configuration.Settings.GetDouble(Security.SessionServer.Configuration.AppSettings.TokenExpirationInMinutes, (tokenExpirationInMinutes) => { return GetClaimsAsync(application, session.authorization, (claims, accountIdMaybe, authorized) => { session.account = accountIdMaybe; session.authorized = authorized; return Api.Auth.JwtTools.CreateToken(session.id, scope, TimeSpan.FromMinutes(tokenExpirationInMinutes), claims, (tokenNew) => { session.token = tokenNew; return onFound(session); }, (missingConfig) => onConfigurationFailure("Missing", missingConfig), (configName, issue) => onConfigurationFailure(configName, issue)); }, (why) => onNotFound()); }, (why) => onConfigurationFailure("Missing", why).AsTask()); }, (why) => onConfigurationFailure("Missing", why).AsTask()); }, () => onNotFound().AsTask())); bool IsAnonSessionAllowed() { var appType = application.GetType(); if (!appType.TryGetAttributeInterface <IConfigureAuthorization>(out IConfigureAuthorization authConfig)) { return(false); } return(authConfig.IsAnonymousSessionAllowed); } }
public static async Task <IHttpResponse> SendToPostman( [QueryId] IRef <MonitoringRequest> monitoringRequestRef, [QueryParameter(Name = WhenPropertyName)] DateTime when, Security security, ContentTypeResponse <Meta.Postman.Resources.Collection.Item> onContent, NotFoundResponse onNotFound, GeneralFailureResponse onFailure) { return(await await monitoringRequestRef .StorageGetAsync( additionalProperties : (query) => query.Where(item => item.when == when), onFound : async itemToCreateOrUpdate => { var postmanItem = await itemToCreateOrUpdate.ConvertToPostmanItemAsync(); return await Collection.CreateOrUpdateMonitoringCollectionAsync( $"MonitoringRequest - {itemToCreateOrUpdate.when}", itemToCreateOrUpdate.url, collectionToModify => { return collectionToModify .AppendItem(postmanItem, folderName: itemToCreateOrUpdate.folderName); }, onCreatedOrUpdated: (discard) => onContent(postmanItem), onFailure: why => onFailure(why)); }, onDoesNotExists : () => onNotFound().AsTask())); }
public static async Task <HttpResponseMessage> QueryBySessionAsync( [QueryParameter(Name = "session")] IRef <Session> sessionRef, Api.Azure.AzureApplication application, MultipartResponseAsync <Method> onContent, ReferencedDocumentNotFoundResponse <Session> onIntegrationNotFound) { return(await await sessionRef.StorageGetAsync( session => { var integrationProviders = application.LoginProviders .Where(loginProvider => loginProvider.Value.GetType().IsSubClassOfGeneric(typeof(IProvideSession))) .Select( async loginProvider => { var supportsIntegration = await(loginProvider.Value as IProvideSession).SupportsSessionAsync(session); return supportsIntegration.PairWithValue(loginProvider); }) .Await() .Where(kvp => kvp.Key) .SelectValues() .Select( (loginProvider) => { return new Method { authenticationId = new Ref <Method>(loginProvider.Value.Id), name = loginProvider.Value.Method, }; }); return onContent(integrationProviders); }, () => onIntegrationNotFound().AsTask())); }
public static async Task <HttpResponseMessage> GetAllSecureAsync( [QueryParameter(Name = "ApiKeySecurity")] string apiSecurityKey, [QueryParameter(Name = "authorization")] IRef <Authorization> authorizationRef, ApiSecurity apiSecurity, AzureApplication application, HttpRequestMessage request, MultipartResponseAsync <Authorization> onContent, RedirectResponse onSuccess, NotFoundResponse onNotFound, ForbiddenResponse onFailure) { return(await await authorizationRef.StorageGetAsync( async authorization => { return await await Method.ById(authorization.Method, application, async method => { return await await method.ParseTokenAsync(authorization.parameters, application, (externalId, loginProvider) => { return Auth.Redirection.ProcessAsync(authorization, async updatedAuth => { }, method, externalId, authorization.parameters, Guid.NewGuid(), request.RequestUri, application, loginProvider, (uri) => onSuccess(uri), (why) => onFailure().AddReason(why), application.Telemetry); }, why => onFailure().AddReason(why).AsTask()); }, () => onFailure().AddReason("Method no longer supported").AsTask()); }, () => onNotFound().AsTask())); }
[Api.HttpPost] //(MatchAllBodyParameters = false)] public async static Task <HttpResponseMessage> CreateAsync( [Property(Name = AccountPropertyName)] Guid accountId, [Property(Name = AuthorizationPropertyName)] IRef <Authorization> authorizationRef, [Resource] AccountMapping accountMapping, Api.Azure.AzureApplication application, Api.SessionToken security, CreatedResponse onCreated, ForbiddenResponse onForbidden, UnauthorizedResponse onUnauthorized, ReferencedDocumentDoesNotExistsResponse <Authorization> onAuthenticationDoesNotExist, GeneralConflictResponse onFailure) { if (!await application.CanAdministerCredentialAsync(accountId, security)) { return(onUnauthorized()); } return(await await authorizationRef.StorageGetAsync( async authorization => { accountMapping.Method = authorization.Method; // method is used in the .mappingId var authorizationLookup = new AuthorizationLookup { accountMappingRef = accountMapping.mappingId, authorizationLookupRef = authorizationRef, }; return await await authorizationLookup.StorageCreateAsync( async(idDiscard) => { accountMapping.accountMappingLookup = await await authorization.ParseCredentailParameters( application, (accountKey, loginProvider) => { var lookup = new AccountMappingLookup() { accountkey = accountKey, accountMappingId = accountMapping.mappingId, Method = authorization.Method, }; return lookup.StorageCreateAsync( (discard) => new RefOptional <AccountMappingLookup>( lookup.accountMappingLookupId), () => new RefOptional <AccountMappingLookup>()); }, (why) => { var amLookupMaybe = new RefOptional <AccountMappingLookup>(); return amLookupMaybe.AsTask(); }); return await accountMapping.StorageCreateAsync( createdId => { return onCreated(); }, () => onForbidden().AddReason("Account is already mapped to that authentication.")); }, () => onFailure("Authorization is already mapped to another account.").AsTask()); }, () => onAuthenticationDoesNotExist().AsTask())); }
public static Task <IHttpResponse> GetByIdAsync( [QueryId] IRef <InvocationMessage> invocationMessageRef, ContentTypeResponse <InvocationMessage> onFound, NotFoundResponse onNotFound) { return(invocationMessageRef.StorageGetAsync( (InvocationMessage ent) => onFound(ent), () => onNotFound())); }
public static Task <IHttpResponse> GetByIdAsync( [QueryId] IRef <MonitoringRequest> monitoringRequestRef, [QueryParameter(Name = WhenPropertyName)] DateTime when, Security security, ContentTypeResponse <MonitoringRequest> onContent, NotFoundResponse onNotFound) { return(monitoringRequestRef .StorageGetAsync( additionalProperties: (query) => query.Where(item => item.when == when), onFound: mr => onContent(mr), onDoesNotExists: () => onNotFound())); }
public static async Task <IHttpResponse> GetAsync( //[WorkflowNewId] //[WorkflowVariable( // Workflows.PasswordLoginCreateAccount.Variables.State, // AuthorizationPropertyName)] [OptionalQueryParameter(Name = AuthorizationPropertyName)] IRefOptional <Authorization> authorizationRefOptional, [WorkflowParameter( Value = "d989b604-1e25-4d77-b79e-fe1c7d36f833", Description = "Unique and static to each client (i.e. iOS or Web)")] [QueryParameter(Name = ClientPropertyName)] IRef <Client> clientRef, [WorkflowNewId(Description = "No idea what this does.")] [OptionalQueryParameter(Name = ValidationPropertyName)] string validation, IAuthApplication application, IProvideUrl urlHelper, //ContentTypeResponse<Authentication> onFound, [WorkflowVariable( Workflows.PasswordLoginCreateAccount.Variables.Authorization, Authentication.AuthenticationPropertyName)] [WorkflowVariableRedirectUrl( VariableName = Workflows.PasswordLoginCreateAccount.Variables.AuthorizationRedirect)] RedirectResponse onFound, ReferencedDocumentNotFoundResponse <Client> onInvalidClient) { return(await await clientRef.StorageGetAsync( (client) => { var authentication = new Authentication { authenticationRef = SecureGuid.Generate().AsRef <Authentication>(), authorizationMaybe = authorizationRefOptional, client = clientRef, }; return authentication.StorageCreateAsync( (entity) => { var location = urlHelper.GetLocation <Authentication>( auth => auth.authenticationRef.AssignQueryValue(authentication.authenticationRef), application); return onFound(location); }); }, () => onInvalidClient().AsTask())); }
[Api.HttpPatch] //(MatchAllBodyParameters = false)] public async static Task <IHttpResponse> UpdateAsync( [Property(Name = IntegrationIdPropertyName)] IRef <XIntegration> integrationRef, [Property(Name = AuthorizationPropertyName)] IRef <Authorization> authorizationRef, Api.Azure.AzureApplication application, EastFive.Api.SessionToken security, ContentTypeResponse <XIntegration> onUpdated, NotFoundResponse onNotFound, ForbiddenResponse onForbidden, ReferencedDocumentDoesNotExistsResponse <Authorization> onAuthorizationDoesNotExist, UnauthorizedResponse onUnauthorized) { return(await integrationRef.StorageUpdateAsync( async (integration, saveAsync) => { var accountId = integration.accountId; if (!await application.CanAdministerCredentialAsync(accountId, security)) { return onUnauthorized(); } return await await authorizationRef.StorageGetAsync( async authorization => { if (!await application.ShouldAuthorizeIntegrationAsync(integration, authorization)) { return onForbidden().AddReason("Authorization is not accessable to this account."); } integration.Method = authorization.Method; // method is used in the .mappingId integration.authorization = authorizationRef.Optional(); integration.methodName = await Auth.Method.ById(authorization.Method, application, method => method.name, () => string.Empty); await saveAsync(integration); return onUpdated(integration); }, () => onAuthorizationDoesNotExist().AsTask()); }, () => onNotFound(), onModificationFailures: StorageConstraintUniqueAttribute.ModificationFailure( (XIntegration x) => x.authorization, () => { // TODO: Check if mapping is to this integration and reply already created. return onForbidden().AddReason("Authorization is already in use."); }).AsArray())); }
[Api.HttpPatch] //(MatchAllBodyParameters = false)] public async static Task <HttpResponseMessage> UpdateAsync( [Property(Name = IntegrationIdPropertyName)] IRef <Integration> integrationRef, [Property(Name = AuthorizationPropertyName)] IRef <Authorization> authorizationRef, Api.Azure.AzureApplication application, EastFive.Api.SessionToken security, ContentTypeResponse <Integration> onUpdated, NotFoundResponse onNotFound, NotModifiedResponse onNotModified, ForbiddenResponse onForbidden, ReferencedDocumentDoesNotExistsResponse <Authorization> onAuthenticationDoesNotExist, UnauthorizedResponse onUnauthorized) { return(await integrationRef.StorageUpdateAsync( async (integration, saveAsync) => { var accountId = integration.accountId; if (!await application.CanAdministerCredentialAsync(accountId, security)) { return onUnauthorized(); } return await await authorizationRef.StorageGetAsync( async authorization => { // TODO? This // var accountIdDidMatch = await await authorization.ParseCredentailParameters( integration.Method = authorization.Method; // method is used in the .mappingId integration.authorization = authorizationRef.Optional(); return await await SaveAuthorizationLookupAsync(integration.integrationRef, authorization.authorizationRef, async() => { await saveAsync(integration); return await SaveAccountLookupAsync(accountId, integration, () => onUpdated(integration)); }, () => { // TODO: Check if mapping is to this integration and reply already created. return onForbidden().AddReason("Authorization is already in use.").AsTask(); }); }, () => { return onNotModified().AsTask(); }); }, () => onNotFound())); }
public static async Task <HttpResponseMessage> GetAsync( [QueryParameter(Name = SessionIdPropertyName, CheckFileName = true)] IRef <Session> sessionRef, EastFive.Api.SessionToken security, Api.Azure.AzureApplication application, UrlHelper urlHelper, ContentTypeResponse <Session> onFound, NotFoundResponse onNotFound, UnauthorizedResponse onUnauthorized, ConfigurationFailureResponse onConfigurationFailure) { if (security.sessionId != sessionRef.id) { return(onUnauthorized()); } return(await await sessionRef.StorageGetAsync( (session) => { return Web.Configuration.Settings.GetUri( EastFive.Security.AppSettings.TokenScope, scope => { return Web.Configuration.Settings.GetDouble(Security.SessionServer.Configuration.AppSettings.TokenExpirationInMinutes, (tokenExpirationInMinutes) => { return GetClaimsAsync(application, session.authorization, (claims, accountIdMaybe, authorized) => { session.account = accountIdMaybe; session.authorized = authorized; return BlackBarLabs.Security.Tokens.JwtTools.CreateToken(session.id, scope, TimeSpan.FromMinutes(tokenExpirationInMinutes), claims, (tokenNew) => { session.token = tokenNew; return onFound(session); }, (missingConfig) => onConfigurationFailure("Missing", missingConfig), (configName, issue) => onConfigurationFailure(configName, issue)); }, (why) => onNotFound()); }, (why) => onConfigurationFailure("Missing", why).AsTask()); }, (why) => onConfigurationFailure("Missing", why).AsTask()); }, () => onNotFound().AsTask())); }
public static async Task <IHttpResponse> GetAsync( [QueryParameter(Name = AuthenticationPropertyName)] IRef <Authentication> authenticationRef, [Accepts(Media = "text/html")] MediaTypeWithQualityHeaderValue accept, ContentTypeResponse <Authentication> onFound, HtmlResponse onHtmlWanted, NotFoundResponse onNotFound) { if (!accept.IsDefaultOrNull()) { return(onHtmlWanted(Properties.Resources.loginHtml)); } return(await authenticationRef.StorageGetAsync( (authentication) => { return onFound(authentication); }, () => onNotFound())); }
public static Task <IHttpResponse> HttpGetAsync <TResource>( this IRef <TResource> resourceRef, ContentTypeResponse <TResource> onFound, NotFoundResponse onNotFound, Func <TResource, TResource> mutation = default) where TResource : IReferenceable { return(resourceRef.StorageGetAsync( (resource) => { if (mutation.IsDefaultOrNull()) { return onFound(resource); } var updatedResource = mutation(resource); return onFound(updatedResource); }, () => onNotFound())); }
public static async Task <HttpResponseMessage> QueryByIntegrationAsync( [QueryParameter(Name = "integration")] IRef <Integration> integrationRef, Api.Azure.AzureApplication application, EastFive.Api.SessionToken security, MultipartResponseAsync <Method> onContent, UnauthorizedResponse onUnauthorized, ReferencedDocumentNotFoundResponse <Integration> onIntegrationNotFound) { return(await await integrationRef.StorageGetAsync( async (integration) => { var accountId = integration.accountId; if (!await application.CanAdministerCredentialAsync(accountId, security)) { return onUnauthorized(); } var integrationProviders = application.LoginProviders .Where(loginProvider => loginProvider.Value.GetType().IsSubClassOfGeneric(typeof(IProvideIntegration))) .Select( async loginProvider => { var integrationProvider = loginProvider.Value as IProvideIntegration; var supportsIntegration = await integrationProvider.SupportsIntegrationAsync(accountId); return supportsIntegration.PairWithValue(loginProvider); }) .Await() .Where(kvp => kvp.Key) .SelectValues() .Select( (loginProvider) => { var integrationProvider = loginProvider.Value as IProvideIntegration; return new Method { authenticationId = new Ref <Method>(loginProvider.Value.Id), name = integrationProvider.GetDefaultName(new Dictionary <string, string>()), }; }); return await onContent(integrationProviders); }, () => onIntegrationNotFound().AsTask())); }
public async static Task <IHttpResponse> AuthorizeAsync( [QueryParameter(Name = "session")] IRef <Session> sessionRef, [UpdateId(Name = AuthorizationIdPropertyName)] IRef <Authorization> authorizationRef, [Property(Name = ParametersPropertyName)] IDictionary <string, string> parameters, Api.Azure.AzureApplication application, IInvokeApplication endpoints, IHttpRequest request, CreatedBodyResponse <Session> onCreated, NotFoundResponse onAuthorizationDoesNotExist, ForbiddenResponse onAuthorizationFailed, ServiceUnavailableResponse onServiceUnavailable, ForbiddenResponse onInvalidMethod, GeneralConflictResponse onFailure) { return(await await authorizationRef.StorageGetAsync( (authorization) => { return AuthenticateWithSessionAsync(authorizationRef, sessionRef, authorization.Method, parameters, application, endpoints, request, onAuthorized: (sessionCreated, redirect) => { var response = onCreated(sessionCreated, contentType: "application/json"); response.SetLocation(redirect); return response; }, onAuthorizationDoesNotExist: () => onAuthorizationDoesNotExist(), onServiceUnavailable: (why) => onServiceUnavailable().AddReason(why), onInvalidMethod: (why) => onInvalidMethod().AddReason(why), onAuthorizationFailed: why => onAuthorizationFailed().AddReason(why)); }, () => onAuthorizationDoesNotExist().AsTask())); }
public static async Task <TResult> DeleteInternalAsync <TResult>( IRef <Integration> integrationRef, Api.Azure.AzureApplication application, Func <TResult> onDeleted, Func <TResult> onNotFound) { var integrationMaybe = await integrationRef.StorageGetAsync(i => i, () => default(Integration?)); if (!integrationMaybe.HasValue) { return(onNotFound()); } var integration = integrationMaybe.Value; return(await await integrationRef.StorageDeleteAsync( onDeleted: async(discard) => { if (integration.authorization.HasValue) { var authorizationId = integration.authorization.id.Value; var authorizationLookupRef = authorizationId.AsRef <AuthorizationIntegrationLookup>(); await authorizationLookupRef.StorageDeleteAsync( onDeleted: (discard) => true); } var accountIntegrationRef = integration.accountId.AsRef <AccountIntegrationLookup>(); await accountIntegrationRef.StorageUpdateAsync( async(accountLookup, saveAsync) => { accountLookup.integrationRefs = accountLookup.integrationRefs.ids .Where(id => id != integration.id) .AsRefs <Integration>(); await saveAsync(accountLookup); return true; }); return onDeleted(); }, () => onNotFound().AsTask())); }
public static async Task <IHttpResponse> DeleteAsync( [UpdateId(Name = IntegrationIdPropertyName)] IRef <XIntegration> integrationRef, IAuthApplication application, EastFive.Api.SessionToken security, NoContentResponse onDeleted, NotFoundResponse onNotFound, ForbiddenResponse onForbidden) { var integrationMaybe = await integrationRef.StorageGetAsync(i => i, () => default(XIntegration?)); if (!integrationMaybe.HasValue) { return(onNotFound()); } var integration = integrationMaybe.Value; if (!await application.CanAdministerCredentialAsync(integration.accountId, security)) { return(onForbidden()); } return(await DeleteInternalAsync(integrationRef, () => onDeleted(), () => onNotFound())); }
private static async Task <TResult> GetSessionAcountAsync <TResult>(IRef <Authorization> authorizationRef, Api.Azure.AzureApplication application, Func <Guid, bool, TResult> onSuccess, Func <string, bool, TResult> onFailure) { return(await await authorizationRef.StorageGetAsync( async (authorization) => { var methodRef = authorization.Method; return await await Method.ById(methodRef, application, async method => { return await await method.GetAuthorizationKeyAsync(application, authorization.parameters, (externalUserKey) => { return Auth.AccountMapping.FindByMethodAndKeyAsync(method.authenticationId, externalUserKey, authorization, accountId => onSuccess(accountId, authorization.authorized), () => onFailure("No mapping to that account.", authorization.authorized)); }, (why) => onFailure(why, authorization.authorized).AsTask(), () => onFailure("This login method is no longer supported.", false).AsTask()); }, () => { return CheckSuperAdminBeforeFailure(authorizationRef, "Authorization method is no longer valid on this system.", authorization.authorized, onSuccess, onFailure).AsTask(); }); }, () => { return CheckSuperAdminBeforeFailure(authorizationRef, "Authorization not found.", false, onSuccess, onFailure).AsTask(); })); }
private static async Task <TResult> GetSessionAcountAsync <TResult>(IRef <Authorization> authorizationRef, IAuthApplication application, Func <Guid, IDictionary <string, string>, bool, TResult> onSuccess, Func <string, bool, TResult> onFailure) { return(await authorizationRef.StorageGetAsync( (authorization) => { if (!authorization.accountIdMaybe.HasValue) // (!authorization.authorized) { return onFailure("Invalid authorization -- it is not authorized.", false); } if (authorization.accountIdMaybe.HasValue) { return onSuccess(authorization.accountIdMaybe.Value, authorization.claims, authorization.authorized); } return onFailure("Authorization is not connected to an account.", false); //var methodRef = authorization.Method; //return await await Method.ById(methodRef, application, // async method => // { // return await await method.GetAuthorizationKeyAsync(application, authorization.parameters, // async (externalUserKey) => // { // if (application is Api.Azure.Credentials.IProvideAccountInformation) // { // var accountInformationProvider = application as Api.Azure.Credentials.IProvideAccountInformation; // return await await accountInformationProvider // .FindOrCreateAccountByMethodAndKeyAsync( // method, externalUserKey, // authorization.parameters, // (accountId, claims) => onSuccess(accountId, claims, authorization.authorized).AsTask(), // why => onFailure(why, false).AsTask(), // () => onFailure("No mapping to that account.", authorization.authorized).AsTask(), // onNoEffect: () => OnContinue()); // } // return await OnContinue(); // Task<TResult> OnContinue() => Auth.AccountMapping.FindByMethodAndKeyAsync(method.authenticationId, externalUserKey, // authorization, // accountId => onSuccess(accountId, authorization.claims, authorization.authorized), // () => onFailure("No mapping to that account.", authorization.authorized)); // }, // (why) => onFailure(why, authorization.authorized).AsTask(), // () => onFailure("This login method is no longer supported.", false).AsTask()); // }, // () => onFailure("Authorization method is no longer valid on this system.", authorization.authorized).AsTask()); //{ // return CheckSuperAdminBeforeFailure(authorizationRef, // "Authorization method is no longer valid on this system.", authorization.authorized, // onSuccess, onFailure).AsTask(); //}); }, () => onFailure("Authorization not found.", false))); //{ // return CheckSuperAdminBeforeFailure(authorizationRef, "Authorization not found.", false, // onSuccess, onFailure).AsTask(); //}); }